Infrastructure & Application Security Engineer

About TraversalTraversal stands at the forefront of AI Site Reliability Engineering (SRE), trusted by leading enterprises globally to troubleshoot, remediate, and preemptively manage complex production incidents. Our mission is to liberate engineers from continuous firefighting, allowing them to channel their talents into innovative, impactful work.With deep…

About the Role Adaptive Security is looking for a Lead Application Security Engineer in NYC. This position shapes how we defend our software against threats, guiding security strategy and execution across our applications. What You Will Do Lead the design and rollout of security measures for software applications Develop and refine security strategies to address emerging risks Work closely with teams to uphold strong security standards Ensure our practices align with industry regulations and compliance requirements What Matters Here Deep experience in application security Ability to guide teams and set technical direction Commitment to both proactive defense and regulatory compliance

Join a Groundbreaking CompanyPalantir is at the forefront of innovation, creating unparalleled software solutions that empower data-driven decisions and optimize operations. Our platforms are instrumental in advancing life-saving medical breakthroughs, predicting supply chain challenges, and locating missing children, among other vital initiatives.Your Impactful RoleAs an Application Security Engineer, you will play a pivotal role in safeguarding critical information for our defense, intelligence, and commercial partners. You will be integral to our Application Security Team, which is dedicated to enhancing developer productivity while ensuring the highest security standards for our software products. The importance of application security is paramount given the sensitive work Palantir undertakes.Your responsibilities will encompass:• Comprehensive Product Security Reviews. Conduct extensive security assessments of our current and future product offerings, including whitebox, greybox, and blackbox evaluations. Collaborate with offensive security teams, engineering groups, and other InfoSec professionals to strengthen our products against sophisticated threats.• Architectural and Design Expertise. Act as the security authority for product architects and engineers, engaging in threat modeling, risk assessment, and the implementation of security controls to mitigate identified risks. You will influence product design to ensure security is embedded from the outset.• Leadership in Strategic Security Initiatives. Take ownership of transformative security projects that have a company-wide impact. Past initiatives have included implementing supply chain security measures, hardware-backed GPG key signing, and developing innovative security services and automation.• Vulnerability Detection and Resolution. Innovate new methods to identify and address security vulnerabilities in our products through static and dynamic analysis, security scanning, and collaboration with our incident response team and bug bounty program.This position offers substantial autonomy, a broad-reaching impact, and the necessary resources to drive significant security enhancements across Palantir.

Join Our Innovative Security TeamAt OpenAI, security is paramount to our mission of ensuring that artificial general intelligence serves the best interests of humanity. Our dedicated Security team safeguards OpenAI’s technology, personnel, and products. We are technical in our solutions and operational in our approach, committed to supporting all aspects of our products and research. Our guiding principles include prioritizing impactful initiatives, empowering our researchers, preparing for future technological advancements, and fostering a robust security culture.Your Role as an Application Security EngineerIn the role of Application Security Engineer, you will play a vital part in identifying and mitigating security vulnerabilities within our software applications. This involves creating security tools, conducting code reviews, performing penetration testing, and executing comprehensive security assessments.We seek individuals who will collaborate closely with development teams to embed secure coding practices throughout the software development lifecycle, preemptively addressing security risks. You will also offer security guidance to developers and stakeholders, promoting a culture of security awareness across the organization.This position is based in New York City, but we also consider candidates for remote work. Our hybrid work model requires three days in the office each week, and we offer relocation assistance for new employees.Key ResponsibilitiesConduct Security Assessments: Regularly perform security assessments, code reviews, and penetration tests to identify vulnerabilities in applications and software.Create and Implement Security Tools: Design and develop security tools, frameworks, and methodologies to defend applications against potential threats.Collaborate with Development Teams: Work hand-in-hand with development teams to ensure security best practices are integrated throughout the software development lifecycle, including secure coding standards.Threat Modeling and Risk Assessment: Carry out threat modeling and risk assessments to proactively identify potential risks and devise effective mitigation strategies.Manage Vulnerabilities: Track, analyze, and manage vulnerabilities within applications, providing guidance and support for remediation efforts.Incident Response Support: Assist in incident response efforts and contribute to the development of incident response protocols.

About RainAt Rain, we are pioneering the future of global payments, creating an innovative infrastructure that enables real-world applications of stablecoins. Our dedicated team comprises passionate builders and seasoned founders committed to revolutionizing how financial transactions occur. We collaborate with fintech companies, neobanks, and institutions to launch solutions that are global, inclusive, and efficient. Join us to make a significant impact in a rapidly growing company backed by leading investors in fintech, crypto, and SaaS.Our EthosWe promote an open and collaborative work environment where every team member can thrive. You will have the opportunity to steer your career path in alignment with your aspirations while contributing to the company's vision.Key ResponsibilitiesAs a Security Engineer specializing in Application Security, you will play a pivotal role in integrating security throughout Rain’s engineering lifecycle and ensuring the delivery of secure, reliable applications:Conduct thorough application security assessments, including vulnerability scanning, code reviews, and threat modeling in collaboration with engineering teams.Work closely with product and development teams to facilitate remediation and assist in understanding and addressing security vulnerabilities effectively.Implement and scale automated security tools across CI/CD pipelines (SAST, DAST, SCA, IaC) to enhance proactive security measures.Create and maintain application security standards, patterns, and protocols that mitigate risk while enabling fast delivery.Lead threat modeling and risk assessments for new features, APIs, and services.Partner with Cloud & Infrastructure Security teams to ensure alignment of security controls and support cloud-native security needs.Assist in incident response for application-level security events, conduct root-cause analysis, and develop mitigation strategies.Contribute to the development of internal training programs to enhance secure coding practices and developer security awareness.Monitor and report on key security metrics, trends, and insights for continuous improvement to leadership.

Are you passionate about safeguarding applications in a dynamic environment? Join us as an Application Security Engineer at Contentful. In this pivotal role, you will leverage your expertise to enhance the security posture of our applications, ensuring that our customers' data remains secure and protected against emerging threats.Your responsibilities will include conducting security assessments, implementing security best practices, and collaborating with development teams to integrate security into the software development lifecycle. We are looking for someone who is not only knowledgeable in application security but also eager to learn and adapt in a fast-paced setting.

About GeminiFounded in 2014 by Cameron and Tyler Winklevoss, Gemini is a prominent global crypto and Web3 platform that offers a diverse range of secure, reliable, and user-friendly crypto products and services. Serving individuals and institutions in over 70 countries, our mission is to usher in a new era of financial, creative, and personal liberty by granting trusted access to the decentralized future. We envision a world where cryptocurrency transforms the global financial landscape, the internet, and money itself, fostering greater choice, independence, and opportunity for everyone. As a publicly traded entity, Gemini is uniquely positioned to amplify this vision with greater scale and influence.The Application Security DepartmentAt Gemini, we operate at the critical juncture of financial services and innovative technology, where security failures can severely impact customer trust and regulatory compliance. Our Application Security (AppSec) team is dedicated to ensuring that security is integrated from the very beginning of product development. We aim to secure our products during the conceptual and building phases—right from the requirements documentation to architectural decisions and code implementation. We believe that the most valuable security contributions occur before the product is finalized, as addressing issues afterward can be prohibitively expensive.Role Overview: Senior Application Security EngineerAs a Senior Application Security Engineer on our AppSec team, you will serve as a valued partner to engineering, product, and business teams throughout Gemini. Your role will involve guiding these teams in the design and development of secure products while fostering a culture of security awareness and judgment. Given Gemini's AI-first approach, the AppSec team is responsible for building tools that secure this innovative vision.This position requires in-person attendance at our New York City office twice a week.

Join Palantir Technologies as a Product Infrastructure Security Engineer in New York. In this role, you will play a critical part in securing our infrastructure, ensuring that our products and services maintain the highest standards of security and reliability. You will work with top-tier engineering teams to identify vulnerabilities, implement robust security measures, and contribute to the overall security architecture of our systems.

CLEAR builds secure identity technology for both digital and physical spaces. With more than 38 million members and a growing global partner network, CLEAR’s platform helps people move through airports, stadiums, workplaces, and daily routines with greater safety and ease. Role Overview The Senior Security Engineer on the Infrastructure Security Engineering (ISE) team protects CLEAR’s core platforms. This position focuses on cloud security, identity management, and endpoint controls. The work centers on AWS and Kubernetes environments, using infrastructure-as-code to scale and automate security practices. What You Will Do Strengthen security across AWS and Kubernetes infrastructure Develop and implement security controls using infrastructure-as-code Work closely with Engineering, CorpIT, and Security teams to make security a default part of CLEAR’s systems Location This role is based in New York, New York, United States.

Join dev2 as an Application Security Engineer, where you will play a vital role in safeguarding our applications against security threats. You will collaborate with development teams to integrate security practices into the software development lifecycle and perform security assessments to identify vulnerabilities. Your expertise will help ensure our systems are secure, reliable, and compliant with industry standards.

K Health Careers seeks a Senior Application Security Engineer based in New York, NY. The focus of this role is to strengthen application security and protect user data and privacy across the organization. Key responsibilities Identify and analyze software vulnerabilities, then recommend practical solutions. Collaborate with developers and cross-functional teams to integrate security into every phase of the software development lifecycle. Conduct thorough security assessments and review both application code and system architecture. Advise teams on secure coding practices and support their adoption throughout the company. Lead projects focused on enhancing application security protocols and maintaining high standards. Collaboration and impact This position works closely with engineering and other stakeholders to embed security thinking into daily development. Sharing expertise, guiding teams, and shaping a strong security culture are central to the role.

Role overview modal seeks an Infrastructure Security Engineer based in New York. The position centers on safeguarding digital infrastructure and securing core systems that support daily operations. Key responsibilities Design and apply security controls across infrastructure components Perform risk assessments to spot and address vulnerabilities Monitor compliance with industry regulations and standards Strengthen systems to withstand new and evolving security threats Impact This role plays a direct part in protecting modal’s operations. By reducing risks and supporting secure growth, the Infrastructure Security Engineer helps maintain the safety and integrity of the company’s technology foundation.

Why join usBrex is revolutionizing the way businesses manage their finances with our AI-driven spend platform. We empower companies to make confident spending decisions through integrated corporate cards, banking solutions, and global payment systems, alongside innovative software for travel and expense management. Trusted by thousands of businesses ranging from startups to large enterprises — including DoorDash, Flexport, and Compass — Brex enables proactive spending control, cost reduction, and enhanced efficiency on a global scale.Joining Brex means pushing your boundaries, challenging conventional thinking, and collaborating with some of the brightest minds in the tech industry. We are dedicated to fostering a diverse and inclusive workplace culture, believing that your potential should only be limited by your aspirations. We provide the tools, resources, and support necessary for you to advance your career.Engineering at BrexAt Brex, engineering is all about creating scalable systems with intention and speed. Our teams encompass Software, Data, Security, and IT, operating with high autonomy and deep collaboration. We tackle complex technical challenges, take ownership of our results, and strive for excellence at every stage — from architecture to deployment. Here, engineering is treated as a craft, and builders are nurtured into leaders.Your RoleAs a Senior Application Security Engineer, your primary responsibility will be identifying and addressing security vulnerabilities across the Brex platform. This role involves conducting code reviews, design assessments, penetration testing, and vulnerability management. You will develop and maintain tools for static and dynamic testing of the Brex platform, as well as tools that facilitate secure developer workflows. As part of our broader Financial Scale organization, you will collaborate closely with Security Operations, GRC, Product Security, Front End Platform, and IT Infrastructure teams.We seek candidates with a strong foundation and enthusiasm for penetration testing. You should possess a proven track record of discovering vulnerabilities in complex systems and crafting exploits to demonstrate their business impact. This position is highly collaborative, offering the opportunity to engage with every engineering team at Brex. We value diversity and expect you to thrive in a variety of backgrounds, roles, and needs. Building a world-class financial service requires world-class security.Brex is at the forefront of the next wave of AI-driven financial services for dynamic, high-impact companies like Coinbase, Robinhood, and Anthropic. As we integrate AI throughout our product suite, you will play a pivotal role in shaping and influencing these developments.

At StubHub, we are committed to revolutionizing the global live event experience. Our goal is to ensure that every fan—from first-time attendees to seasoned concert-goers—enjoys a seamless journey from ticket discovery to event entry. We also prioritize our sellers, whether they are individual fans or large-scale promoters, providing a secure and convenient platform for ticket sales to millions of users worldwide.About the Team:Join the StubHub Cloud & Infrastructure Security Engineering team, where we are looking for a seasoned engineer to fortify our security framework in the cloud and infrastructure sectors. The ideal candidate will have a robust background in cloud security architecture, network security, and infrastructure automation, along with knowledge of container and operating system security.

Join Chainalysis as a Security Engineer focused on Product Infrastructure, where you will play a crucial role in securing our innovative technology solutions. Collaborate with cross-functional teams to develop robust security practices and ensure the integrity of our products.

About UsAt Imprint, we are revolutionizing co-branded credit cards and innovative financial products, making them smarter, more rewarding, and truly brand-centric. We collaborate with renowned companies such as Crate & Barrel, Rakuten, Booking.com, H-E-B, Fetch, and Brooks Brothers, to launch cutting-edge credit programs that enhance customer loyalty, offer significant savings, and drive substantial growth. Our advanced platform merges intelligent payment infrastructure with seamless user experiences, enabling brands to provide impactful financial products without the need to become a bank.Co-branded cards represent over $300 billion in annual spending in the U.S., yet many are still reliant on outdated banking systems. Imprint stands out as a modern alternative, characterized by flexibility, advanced technology, and a focus on today’s consumer needs. Supported by top-tier investors such as Kleiner Perkins, Thrive Capital, and Khosla Ventures, we are assembling an exceptional team to transform the landscape of payments and card technology. If you are eager to work in a fast-paced environment, tackle complex challenges, and make a meaningful impact, we invite you to connect with us.Discover more about our journey on Imprint's Technology Blog.Our TeamThe Security Engineering team at Imprint plays a crucial role in safeguarding the trust of our customers, partners, and products. We are dedicated to developing a comprehensive and scalable security program that protects our infrastructure, applications, and data from threats while allowing the company to innovate rapidly and securely. By joining our dynamic FinTech startup, you will significantly influence the future of payment solutions and card technology.Your RoleAs a Senior Application Security Engineer, you will be pivotal in ensuring our products and services are designed with security at their core. You will establish and implement security best practices across our applications, conduct thorough testing, and empower engineering teams to proactively identify and address vulnerabilities.LocationThis hybrid position allows you to work remotely while also spending 2-3 days per week on-site at our offices located in New York City, San Francisco, or Seattle as directed by your manager.Key ResponsibilitiesConduct systematic threat modeling, utilizing frameworks such as MITRE ATT&CK, to identify risks, define attack paths, and propose mitigation strategies early in the development lifecycle.Perform detailed security architecture reviews to ensure that applications and microservices adhere to secure design principles.Collaborate with engineering teams to conduct code reviews, identifying vulnerabilities and ensuring code quality meets security standards.

Join Datadog as a Senior Application Security Engineer and play a pivotal role in ensuring the security of our applications. You will be responsible for identifying vulnerabilities, implementing security best practices, and collaborating with development teams to promote a culture of security within the organization.

Join Scale AI as a talented Infrastructure Security Engineer, where you'll play a pivotal role in safeguarding the integrity and security of our platform. This position focuses on securing expansive cloud environments, managing and fortifying various compute clusters, and reviewing infrastructure as code. Your proficiency in cloud security, infrastructure automation, and advanced security practices will be crucial in upholding and advancing our security framework.Your responsibilities include:Securing infrastructure across major cloud hosting platforms (e.g., AWS, Azure, GCP).Implementing and maintaining comprehensive security configurations and policies for cloud environments.Conducting regular security assessments and audits to identify vulnerabilities and propose enhancements.Developing and enforcing security best practices for infrastructure automation and orchestration.Collaborating with Developer Experience, IT, and product teams to integrate security into every phase of the infrastructure lifecycle.Reviewing and securing infrastructure as code (e.g., Terraform, CloudFormation).Mentoring team members on infrastructure security best practices and emerging threats.

About AbridgeFounded in 2018, Abridge is on a mission to enhance understanding within the healthcare sector. Our innovative AI-driven platform is specifically designed for medical dialogues, optimizing clinical documentation while allowing healthcare professionals to prioritize patient care.Our enterprise technology revolutionizes patient-clinician interactions by converting them into structured clinical notes in real-time, boasting deep integrations with Electronic Medical Records (EMRs). With our unique Linked Evidence and auditable AI solutions, we are pioneers in the application of generative AI for healthcare, ensuring that our AI-generated summaries are aligned with ground truth, enabling healthcare providers to trust and verify our outputs swiftly. As trailblazers in the responsible use of AI across health systems, we are setting new industry standards.Our diverse team comprises practicing MDs, AI scientists, PhDs, creatives, technologists, and engineers committed to empowering individuals and enhancing the healthcare experience. We operate from offices in San Francisco's Mission District, New York's SoHo neighborhood, and East Liberty in Pittsburgh.The RoleAre you eager to contribute to the foundational security of cutting-edge AI in global healthcare? We are in search of a highly skilled and motivated Senior or Staff Application Security Engineer to join our burgeoning Security team at Abridge. As one of the pioneering engineers, you will play a pivotal role in directing initiatives that will influence our product, infrastructure, and engineering methodologies. You will have a significant impact on both the vision and practical execution of our secure software development lifecycle (SDLC) across our entire product range. Your responsibilities will involve collaborating with product and engineering teams to seamlessly integrate security, automate security measures, and mentor colleagues in the creation of secure-by-default systems at scale in the AI era. This position demands extensive technical expertise, a builder's mentality, and exceptional communication skills to foster a security-oriented culture throughout the organization.

About WRITERWRITER is at the forefront of AI-driven innovation, empowering leading enterprises to harness the potential of artificial intelligence in their operations. Our mission is to enhance human capabilities through superintelligence. We are making this vision a reality with robust and reliable AI solutions that bridge the gap between IT and business, driving transformative results across organizations. With our comprehensive platform, renowned companies such as Mars, Marriott, Uber, and Vanguard are successfully developing AI agents tailored to their unique data needs, all powered by WRITER's enterprise-grade LLMs. As a company valued at $1.9 billion and supported by prestigious investors like Premji Invest, Radical Ventures, and ICONIQ Growth, WRITER is establishing itself as a dominant force in the realm of generative AI.Founded in 2020 and with headquarters in San Francisco, New York City, Austin, Chicago, and London, our team thrives on innovation and agility. We seek intelligent and dedicated individuals to join us in shaping the future of work through AI. About the RoleIn this pivotal role as a Security Engineer focused on applications at WRITER, you will establish the security framework that safeguards our AI systems, which serve some of the most renowned brands globally. You will collaborate closely with engineering teams, integrating security seamlessly into every line of code while ensuring our platform remains powerful and reliable.This is a unique opportunity to influence the security landscape of enterprise AI applications. You will engage in threat modeling for our LLM architectures and develop automated security controls that scale as our platform expands. Your approach will focus on innovative solutions that enhance security rather than restrict it. You will face challenges that few security engineers encounter, such as securing AI agents, protecting training data pipelines, and designing controls for emerging systems.This position offers flexibility, allowing you to work remotely within the US or in a hybrid capacity from our San Francisco or New York City offices, reporting directly to the head of security engineering.